CORDIS

The Smart Grid (SG) paradigm is the next technological leap of the conventional electrical grid, contributing to the protection of the physical environment and providing multiple advantages such as increased reliability, better service quality, and efficient utilization of the existing infrastructure. Despite the fact that it brings beneficial environmental, economic, and social changes, the current SG infrastructure possesses important security and privacy challenges. In particular, the heterogeneity of the devices used in the SG and the communication protocols, as they adopted from the legacy grid, present severe security gaps. Furthermore, the existence of legacy technologies, such as the Supervisory Control and Data Acquisition (SCADA) systems, increase the potential risks, since these systems seem unable to integrate modernised security solutions. The security threats in SG mainly target on the availability, integrity, and confidentiality of individual entities, including Denial of Service (DoS) attacks that aim to disrupt the network services and cause significant damages, such as a power outage, false data injection attacks that can modify the data of smart meters, and Man in the Middle (MiTM) attackcs that may violate the systema data privacy. Apart from these threats, the Advanced Persistent Threat (APT) attacks are even more dangerous. APTs specifiy a set of organized and long duration attacks by security specialists against a particular target, e.g. a power generator. The latest cybersecurity incidents against critical infrastructures, such as the Stuxnet worm against Ukrainian substations, indicate the high impact of the sophisticated attacks against critical infrastructure.

As society is becoming increasingly dependent on SG, new technologies are required to address modern cybersecurity incidents. In the light of the aforementioned remarks, Secure and Private Smart Grid (SPEAR) project aims at:

(1) To define a robust system architecture for providing situational awareness in relation to cyber security threats.
(2) To build attack detection mechanisms and promote operational resilience in SG.
(3) To increase the situational awareness in SG networks.
(4) To create and maintain an anonymous repository of SG incidents.
(5) To provide smart network forensics subject to data protection and privacy.
(6) To empower EU-wide consensus of cybersecurity in SG systems.
(7) To validate the SPEAR architecture capabilities in proof-of-concept use cases.
(8) To design an innovative business model and conduct a techno-economic analysis to strengthen the role of European smart grid and cybersecurity industry in the global market.

The SPEAR project aspires to provide effective solutions in detecting, responding and taking countermeasures against advanced cyber threats and attacks targeted to modern smart grids. During the first year of the project, the user, security and privacy requirements were identified and the technical specifications of the SPEAR architecture were defined. In addition, functional and non-functional requirements of the SPEAR project were identified along with the appropriate Key Performance Indicators (KPIs) and the corresponding evaluation strategy.

The design and development of the SPEAR SIEM system began also in the first year. The SPEAR Security Information and Event Management (SIEM) system is capable of timely detecting threats, anomalies and cyberattacks. To this end, the SPEAR SIEM collects various data types, such as TCP/IP network flows, attributes of the application layer protocols and operational data like electricity measurements for detecting security anomalies. Moreover, SPEAR SIEM includes advanced visual analytics for preventing suspicious actions and possible anomalies.

In order to stimulate the EU-wide Consensus against cyberattacks in SG environments, an anonymous repository of critical incidents across European energy-related organizations was designed. The energy actors will be able to broadcast sensitive information anonymously without exposing the reputation of their organization.

The business perspectives of the SPEAR project were also investigated in conjunction with the techno-economic analysis of advancing and promoting SPEAR’s solutions to the market. The initial exploitation strategy was drafted to explore the commercial viability of the project products.

Regarding the dissemination activities, 3 journal and 7 conference papers were published during the first year. Moreover, SPEAR partners participated three events:

1) EPRI advisory meeting (Madrid, Spain, 23th of May 2018): the SPEAR project was presented as part of the European Initiatives on Smart Grid Cyber Security,
2) 3rd Energy Tech Forum (Athens, Greece, 15th of November 2018): an overview of the SPEAR project was presented to the forum.
3) GHOST H2020 Clustering workshop (Athens, Greece, 28th of March 2019): an overview of the SPEAR project was presented to the workshop.

The core challenge of SPEAR is to develop a novel, secure and privacy-enabled three-tier approach/architecture for protecting critical infrastructures. Thus will enable the next phase of SG in addressing the ever-growing number of cyber-threats and attacks. This will greatly benefit society as a whole since potential paralysis of several societal sectors due to domino and cascade effects will be avoided.

In addition, this will also have a positive environmental impact by means of physical resources expenditure limitation and better network load balancing. SPEAR will radically decrease the detection and respond time to sophisticated cyberattacks through efficiently processing the collected events using big data analytics and visualization, whilst providing enhanced data and network monitoring mechanisms. This will contribute to the limitation of SG, and as a consequence of businesses’ and supply chains’ in general, disruptions positively influencing production and sales and saving high costs of response, repair, and clean actions.

SPEAR will also greatly impact the way sensitive information will be exchanged, providing an EU-wide anonymous interconnection of SG operators through friend-to-friend network and allowing the operators to harness the benefits of sharing, with the proactive defense of their infrastructure and the introduction of novel business scenarios. Along with the privacy perversion framework that will incorporate, SPEAR is expected to significantly boost citizens’ confidence and trust towards critical infrastructures.

Moreover, SPEAR clearly contributes to the reduction of the degree of fragmentation in the area of critical infrastructure and to the EU vision for a common framework/certification through the development of powerful platform that allows continuous innovation by means of key functionalities exposed to energy providers and 3rd party programmers.

Overall, the SPEAR project will provide an appropriate framework for the European industry to remain competitive in the critical infrastructure protection systems and technology space, enabling an efficient security and privacy-preserving platform that will protect critical infrastructures from cyber-attacks and threats, while facilitating an anonymous sharing of sensitive information, and thus creating new opportunities for growth and economic development.